Powershell DirectorySearcher 空输出

Question

我正在编写一个 powershell 脚本，用于搜索 Active Directory OU 中的用户，并允许我通过从列表中选择匹配项来重置密码。我找到了一个使用 System.DirectoryServices.DirectoryEntry 和 System.DirectoryServices.DirectorySearcher 的Tutorial，并将其修改如下：

$objDomain = New-Object System.DirectoryServices.DirectoryEntry("LDAP:\\[REDACTED]")

##ReadSTDIN
$strSearch = Read-Host -Prompt "Search"
$strCat = "(&(objectCategory=User)(Name=*" + $strSearch + "*))"
## Search Object
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = $objDomain
$objSearcher.PageSize = 1000
$objSearcher.Filter = $strCat
$objSearcher.SearchScope = "Subtree"
#Load Required Properties into the dynObjLink
$objSearcher.PropertiesToLoad.Add("name")
$objSearcher.PropertiesToLoad.Add("userPrincipalName")
$objSearcher.PropertiesToLoad.Add("SamAccountName")

##Magical Search Function
$colResults = $objSearcher.FindAll() 
$colResults.PropertiesLoaded

#for every returned userID add them to a table
ForEach ($objResult in $colResults)
    {$a++
    $objResult.count
    $objItem = $objResult.Properties
        $objItem.name 
        $objItem.userPrincipalName
    $results.Add($a, $objItem.name + $objItem.userPrincipalName + $objItem.SamAccountName) 
}

#Print Table
$results | Format-Table -AutoSize

这很好用，但是当它打印数据时，我只能得到返回的任何东西的“名字”值。其他所有内容都变为 NULL，我不知道为什么。

Name Value                             
---- -----                                                
3    {James3 [REDACTED], $null, $null}      
2    {James2 [REDACTED], $null, $null}      
1    {James1 [REDACTED], $null, $null}         

我尝试了不同类型的身份验证和操作值，但 DirectorySearcher 对象似乎只收集它返回的任何记录的“名称”值，无论我加载什么。帮忙？

Answer 1

这里有一个更短的（并且与 PowerShell v2 兼容）的方法：

#requires -version 2
param(
  [Parameter(Mandatory=$true)]
    [String] $SearchPattern
)

$searcher = [ADSISearcher] "(&(objectClass=user)(name=$SearchPattern))"
$searcher.PageSize = 1000
$searcher.PropertiesToLoad.AddRange(@("name","samAccountName","userPrincipalName"))
$searchResults = $searcher.FindAll()
if ( $searchResults.Count -gt 0 ) {
  foreach ( $searchResult in $searchResults ) {
    $properties = $searchResult.Properties
    $searchResult | Select-Object `
      @{Name = "name";              Expression = {$properties["name"][0]}},
      @{Name = "sAMAccountName";    Expression = {$properties["samaccountname"][0]}},
      @{Name = "userPrincipalName"; Expression = {$properties["userprincipalname"][0]}}
  }
}
$searchResults.Dispose()

请注意，之后无需构建列表和输出。只需输出每个搜索结果。将此代码放入脚本文件并调用它：

PS C:\Scripts> .\Searcher.ps1 "*dyer*"

如果您省略该参数，PowerShell 会提示您输入（因为该参数被标记为必填）。

Answer 2

尝试使用与 PropertiesToLoad 匹配的属性

$entry = new-object -typename system.directoryservices.directoryentry  -ArgumentList $LDAPServer, "ldap", "esildap"
$entry.Path="LDAP://OU=childOU,OU=parentOU,DC=dc1,DC=dc2"
$searcher = new-object -typename system.directoryservices.directorysearcher -ArgumentList $entry

$searcher.PropertiesToLoad.Add('samaccountname')
$searcher.PropertiesToLoad.Add('mail')
$searcher.PropertiesToLoad.Add('displayname')

$objs = $searcher.findall()

foreach($data in $objs)
{
    $samaccountname = $data.properties['samaccountname'][0] + ''
    $mail = $data.properties['mail'][0] + ''
    $displayname = $data.properties['displayname'][0] + ''
}

when accessing the properties of the resultset you get a System.DirectoryServices.ResultPropertyValueCollection type for each property

 to get a string value for passing to a database the property value access the zero index of the object